Jeffrey Schoenberger

Jeffrey

posted on

How to Minimize the Effects of “Apple-Picking”

This article originally appeared on the Affinity Consulting March 2013 newsletter on legal technology.

Over the last few months, big city thieves have developed a new business: “Apple picking”. The victim is sitting in a public place using his MacBook or iDevice, someone runs up, snatches the device from the user’s hands, and escapes in a waiting vehicle. According to a recent Macworld article, a laptop is stolen every 53 seconds and 97% are not recovered. Last month’s MacCorner article focused on digital security — avoiding viruses and trojans. This month, let’s talk about physical security for your Macs and iDevices.

When considering physical security, we have three categories to think about: preventing loss or theft; securing your data should loss or theft occur; and locating or recovering the device. We’ll cover each in turn.

Preventing the Loss or Theft of Your Mac or iDevice

At the start of this article, I told you a laptop is stolen every 53 seconds. Another statistic I didn’t believe when I first saw it, came in a study Dell commissioned. Business travelers leave 12,000 laptops in airports each week. Among the studied airports, the numbers range from 400 per week at Washington Dulles to 1,200 per week lost at Los Angeles International Airport. It’s shocking, but largely avoidable. The overwhelming majority are lost either at the security checkpoint (40%) or at the departure gate (23%). These lost laptops were far more likely to be forgotten than stolen.

I expect that most people feel rushed at the airport. I certainly do. It’s easy to take your laptop out for the x-ray machine and then forget to put it back in your bag. For several years bag manufacturers have sold “TSA-Friendly” laptop bags that unzip and unfold like a bifold or trifold wallet. The computer remains zipped in the bag, which is laid flat on the belt and scanned. If you don’t take the laptop out of the bag, you can’t forget it at security.

My personal favorite bag of this type is Timbuk2’s Command Bag, It’s a TSA-Friendly laptop bag that’s also durable with many pockets, including one especially for your iPad. If messenger bags are not your style, I’m confident a quick Google search will find a TSA-Friendly bag to your liking.

Once at the gate, your main theft protection is simply to keep your eye on your items. Just as the announcer at the airport says, don’t leave your bags unattended. Similarly, don’t plug in your laptop or iDevice to charge and then walk away. Use common sense and don’t make your gadgets an enticing target.

Securing Your Data

If your Mac or iDevice is lost or stolen, likely the worst part of that loss is not the physical device, pricey as they are, but the data that machine held. The question of data on a lost or stolen device is two-fold: 1) is there are a backup, and 2) how do you prevent unauthorized access to data on the lost or stolen device.

The question of data backup is too detailed to cover in-depth now. However, here are a few hints. If you have iCloud enabled on your iDevices, you have an automatic, free, wireless backup of the apps and most data on your iPhone or iPad, including email, calendars, and contacts. Furthermore, iCloud stores your apps and backups of the data those apps tell it to backup. With a Mac, your options are more varied. In addition to venerable backup programs like ChronoSync and SuperDuper, every modern Mac comes with Time Machine backup software built-in. Just plug in an external hard drive and enable Time Machine. For those with laptops who don’t want to connect an external hard drive to backup, wireless Time Machine options include Time Capsule from Apple, and Dolly Drive, a third-party service.

Another form of backup would be Dropbox or similar file syncing service. However, please keep in mind that such syncing services synchronize all changes, including deletions. If you lose control of a Mac or iDevice linked to Dropbox or its brethren, you must sever that synchronization connection at the service’s website so that the bad guy’s deletions do not sync back to your other computers.

After establishing a working, tested backup, the next question is how to safeguard or, if necessary, destroy (remotely wipe) the data on the lost or stolen machine. Your first line of defense is to passcode or password protect your device or Mac. For iDevices, the easiest way to prevent unauthorized access by a “finder” or thief is by setting a passcode on your iDevice. Setting the iDevice passcode also enables hardware encryption on the device. A similar option for Macs is found in System Preferences > Security & Privacy > General. In both cases, the user must know the passcode or password to gain access.

Second, for Macs, you can enable a whole disk encryption technology built in to Mac OS X 10.7 and above called FileVault 2. Whole disk encryption prevents anyone from accessing the Mac’s data if he does not know the password to decrypt the disk. Furthermore, it also stops a user who cannot log into the Mac from removing the hard drive and placing it in a different computer or enabling target disk mode to circumvent the password and access the data. Without whole disk encryption, placing the hard drive into another computer (or external adapter) or starting it in target disk mode may make the data visible.

If you do not want to use FileVault 2 for whatever reason, it’s possible to create smaller encrypted disk images that mount and unmount in the Finder like hard drives. The encrypted disks can contain any number of files, from a single document of passwords to all your bank records for a year, or more. Mac OS X comes with a built-in encryption tool to walk you through creating the disk image. There’s also a nice program from AgileBits called Knox that puts a pretty front-end on the Mac’s built-in tool. Tao Effect’s Espionage 3 is another option, particularly if you want to encrypt folders without dragging them to a new disk image. Finally, there’s the cross-platform TrueCrypt that creates encrypted disk image readable by both Macs and PCs.

Location and Recovery of your Mac or iDevice

Having discussed a couple of ways to manage your Mac and iDevice physical security, and backup and secure data in the event of loss, let’s discuss locating, recovering, or erasing a lost or stolen machine.

Built-in Software

For years, Apple’s products have available a free service called Find My iPhone, or iPad, or, more recently, Mac. If you have an iCloud account with Apple, something that’s a good idea if you own any iOS device – if for no other reason that seamless, wireless backup and recovery, then you have free access to the “Find My” service. Once you enable it on iOS (Settings > iCloud > Find My iPhone) or your Mac (System Preferences > iCloud > Find My Mac), then you can login to iCloud, click on “Find My iPhone”, and see the location of your devices. From that screen, you can see where the device is on a map, play a sound to help you locate the device, lock the device, or even erase it. This is a marvelous free service available to any Apple user. If you have not enabled it on your devices, do so.

There are a couple of limitations with iCloud’s “Find My” service that may lead you to investigate a third-party option, described below. The first is that, assuming the thief gains access to your Mac or iDevice, then he can disable your “Find My” setting easily, assuming he knows where to look. If, for example, you don’t set a passcode on your iPhone or have your Mac resume from sleep without requiring a password, then the thief can disable your tracking. Second, the third-party services described below, particularly Undercover and LoJack, emphasize their relationships with and tools for law enforcement – helping you recover stolen property. Apple makes no similar claim or promise regarding “Find My iPhone”.

The singular advantage Apple’s “Find My” service on the Mac over the below-described paid options, apart from it being built-in and free, is that it works with Mac OS X’s whole disk encryption, FileVault 2. None of the paid tools work with FileVault 2. The unfortunate question you confront is whether you want to be more confident that your data is safe (using FileVault 2) and have a lesser chance of recovering your hardware (relying solely on “Find My Mac”), or put your data at greater risk, but increase the likelihood of physically recovering your Mac.

More Elaborate Options

In addition to Apple’s “Find My” service through iCloud, there are three other worthy tracking and recovery services for your Macs. Hidden is a combination software and website that tracks your Mac. If your Mac is lost or stolen, you can activate the webcam to grab pics of the user, take screenshots of what the user is doing, and use geolocation services to locate the machine. The Hidden software runs invisibly in the background and the user is completely unaware of any tracking activities. Prices start at $15.00 per year for one computer.

A second program, similar to Hidden, is Undercover. They boast that 82% of stolen laptops with their software are recovered. Undercover’s features are very similar to Hidden, showing you who is using your Mac, what they’re doing, and where they are. Prices for Undercover begin at $49.00 for one computer. There is no recurring charge.

Both of these programs are Mac-native and have a high-quality look and feel. They are newer and smaller players. Neither offers the remote deletion (hard drive wiping) functionality of Apple’s “Find My” service or of our third option below.

A third option, one with which many companies and universities partner, is LoJack for Laptops. It is the 800 lb. gorilla in this space. This software is cross-platform, so you could protect both Macs and PCs from a single account. LoJack does not offer the “pretty” features like webcam photos or screenshots, but it does permit you to lock the machine and remotely delete data, as well as remotely locate the Mac for recovery. LoJack boasts a host of corporate partners and has earned top marks from Macworld and PC Magazine. Prices start at $60.00 per year for one computer, or $90.00 per year for three.

Hopefully these suggestions keep your Macs and iDevices safe. If you have any questions, comments, or tips I missed, feel free to contact me.

March 5, 2013